Can I use bind with TCP only

[Barry Margolin]

In article <941tnv$bmv at pub3.rc.vix.com>,
Andreas Schmidt-Ehrenberg  <schmidt.eh at katek.de> wrote:
>Can I use bind with TCP only , for use behind a firewall 

I don't think there's a way to tell BIND it should always use a TCP
connection for its queries.  Also, even if you could, it probably wouldn't
work well.  Many sites block TCP connections to their nameservers, because
they think this is the way to prevent zone transfers (they don't know about
xfrnets/allow-transfer, they know but haven't bothered to configure it, or
they're doing both to get extra protection).  So if you tried to use TCP to
look things up in those domains, you would fail.

I don't think there are any firewalls that can't be configured to allow
normal DNS through in some way, so it shouldn't be necessary to for TCP use
to accomplish this.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.